This patch upgrades DataTables and makes some style changes to the
default DataTables toolbar style. DataTables assets are now combined and
minified using their download customizer, bundling together these
elements:
- JSZip 2.5.0
- pdfmake 0.1.36
- DataTables 1.10.18
- Buttons 1.5.6
- Column visibility 1.5.6
- HTML5 export 1.5.6
- Print view 1.5.6
- FixedHeader 3.1.4
DataTables assets have been moved from lib/jquery/plugins to
lib/datatables. The global header and footer include files are updated
correspondingly.
This patch removes the custom "four_button" pagination configuration and
updates pages which used it to use the built-in "full" type instead.
This is done for the sake of consistency and upgradability. This change
touches a lot of files.
Table-specific CSS has been moved from staff-global.scss to a new
include, _tables.scss. A second common include, _mixins.scss has some
variable definitions used in both files.
Many images have been made obsolete by this change and have been
removed.
To test, apply the patch and regenerate the staff client CSS. View
various pages in the staff client with tables:
- Not formatted by DataTables:
- Reports -> Most circulated items
- Catalog -> Search results
- Formatted by DataTables without column configuration
- Acquisitions -> Vendor search
- Lists
- Formatted by DataTables with column configuration
- Administration -> Libraries
- Administration -> Item types
- Reports -> Saved SQL reports
- Non-standard DataTables configurations:
- Circulation -> Checkouts
- Administration -> System preferences
- Reports -> Lost items
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
DataTables are used on enough pages in the staff client that it
doesn't make sense to put inclusion of the CSS into each template
where it is needed. This patch moves includes of datatables.css from
individual templates into the global header file.
To test, apply the patch and view various pages which have DataTables.
View various styles of DataTables, e.g.
- Full pagination, like item search results
- Four-button, like Saved SQL reports
Everything should look the same as it was.
Signed-off-by: Jose-Mario Monteiro-Santos <jose-mario.monteiro-santos@inLibro.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
For some reason we use 'Home' in the bread crumbs, but
'Koha' as starting point in the page title.
Changed to make consistent with other pages in Circulation.
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This patch modifies the checkout notes template to help compliance with
coding guidelines and interface patterns:
- Convert to Bootstrap grid
- Improve DataTables configuration
- Put buttons into a toolbar and move above selection links
Also corrected: Minor markup error in circ-nav.inc
To test, apply the patch and enable the AllowCheckoutNotes system
preference. Add a few checkout notes via the OPAC.
- Go to Circulation -> Checkout notes.
- Confirm that the page looks correct at various browser widths.
- Confirm that the first and last columns of the table of notes are
not sortable.
- The table should be sorted by default by title.
- Title sorting should ignore articles "a," "an," and "the."
- Test with the CircSidebar preference both on and off.
- With CircSidebar turn on, the checkout notes menu item in the
left hand sidebar should show a count of checkout notes.
Signed-off-by: Pierre-Marc Thibault <pierre-marc.thibault@inLibro.com>
Signed-off-by: Katrin Fischer <katrin.fischer.83@web.de>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This patch has been generated with the script provided on bug 21576.
It only affects variable used in the href attribute of a link *when*
href it the first attribute of the node (grep "a href")
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Here we go, next step then.
As we did not fix the performance issue when autofiltering
the variables (see bug 20975), the only solution we have is to add the
filters explicitely.
This patch has been autogenerated (using add_html_filters.pl, see next
pathces) and add the html filter to all the variables displayed in the
template.
Exceptions are made (using the new 'raw' TT filter) to the variable we
already listed in the previous versions of this patch.
To test:
- Use t/db_dependent/Koha/Patrons.t to populate your DB with autogenerated
data which contain <script> tags
- Remove them from borrower_debarments.comments (there are allowed here)
update borrower_debarments set comment="html tags possible here";
- From the interface hit page and try to catch alert box.
If you find one it means you find a possible XSS.
To know where it comes from:
* note the exact URL where you found it
* note the alert box content
* Dump your DB and search for the string in the dump to identify its
location (for instance table.field)
Next:
* Ideally we would like to use the raw filter when it is not necessary
to HTML escape the variables (in big loop for instance)
* Provide a QA script to catch missing filters (we want html, uri, url
or raw, certainly others that I am forgetting now)
* Replace the html filters with uri when needed (!)
Signed-off-by: Owen Leonard <oleonard@myacpl.org>
Signed-off-by: Martin Renvoize <martin.renvoize@ptfs-europe.com>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
1. body tag was missing
2. make "Date" column sortable correctly
3. remove CDATA and type="text/javascript"
4. Handle server-side errors
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
3. In the JS console: "ReferenceError: $ is not defined", I did not
investigate it.
Where do you see this in the console? I cannot recreate on opac-user.pl
or on circ/checkout-notes.pl.
5. The alert id=error is displayed then hide in JS, but it's then
displayed half a second. We should hide it by default (css)
Fixed in this patch
6. I would move the "mark seen" and "mark not seen" buttons at the
top of the table
Fixed in this patch
8. Cursor on "Select all" and "Clear all" links must be adjusted
Fixed in this patch
9. $(".btn-xs").click(function(event){
The selector should be $("button.seen, button.notseen"), you
do not want to apply this function to all other btn-xs on
the page (maybe there are only two for now, but who knows
later?)
Fixed in this patch
12. Important: When a note is updated, it's still marked as
seen. Is it the expected behavior?
I don't see this behaviour. When a note is updated it is
marked as not seen.
opav/svc/checkout_notes:79: $issue->set({ notedate =>
dt_from_string(), note => $clean_note, noteseen => 0
})->store;
13. What will happen when hundred of notes will be on this
table? Not blocker but we will need a "hide seen" buttons to
filters the already seen notes.
Added in this patch
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This patch includes some changes required on comment 57:
1. Bad resolution conflict, permission self_checkout is re-add
2. The IGNORE modifier is missing in the INSERT statement
4. When I hit /circ/checkout-notes.pl from the side bar, the page displays "Checkout notes", nothing else. We should add "There is no checkout notes".
7. I would display the table on the confirmation screen as well
10. html filters are missing
11. span element should surround translatable string, to help translators
14. patron-title.inc must be used to display patron's info
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Fixing the comments in Comment 42
Ready to test
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
See Comment 27
This is ready to be tested.
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
Marcel, can you please have a look at this patch. I tried to implement
the change
my @notes = $schema->resultset('Issue')->search({ 'me.note' => { '!=', undef } }, { prefetch => [ 'borrower', { item => 'biblionumber' } ] });
to
my @notes = Koha::Checkouts->search({ 'me.note' => { '!=', undef } }, { prefetch => [ 'borrower', { item => 'biblionumber' } ] });
but am having problems on the template side. I can access the item and
biblio information about the issue, but not the borrower information,
even though the query is definitely pulling it correctly. Any
suggestions or ideas as to why this breaks?
This patch also adds the implementation of the circSidebar.
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
This patch adds a user permission for managing issue notes, and a 'noteseen'
column to the issues table.
To test:
1) Apply Bug 14224 first
2) Apply this patch, update database, rebuild schema.
3) Restart koha-common and memcached
4) Turn on AllowCheckoutNotes syspref if haven't already
5) Issue two items to two different users (one item each)
6) Log into the OPAC as one of the users and add an issue note to their
issue
7) Log out and log back into the OPAC as the other user
8) Disable Javascript
9) Refresh opac-user.pl
10) Leave a checkout note on their issue
11) Enable javascript and log into the Staff Client as a superlibrarian
user
12) Go to your user's account and edit their permissions to have
everything ticked EXCEPT circulate->manage checkout notes.
13) Go to main intranet page. There should be no message saying
'checkout notes pending'.
14) Go to circulation home page. There should be no link to Checkout notes.
15) Go back to user's permissions and tick circulate->manage checkout notes.
16) Go back to main intranet page. There should now be a message at the
bottom saying 'Checkout notes pending: 2'
17) Go to circulation home page. There should be a link to Checkout notes
with a 2 next to it. Click this link
18) Attempt to mark an checkout note as seen. This should update the status
of the checkout note to 'seen' and disable to 'mark as seen' button while
enabling the 'mark as not seen' button.
19) Test both buttons with both issues.
20) Test select all and clear all buttons
21) Confirm that buttons at the bottom are only enabled if a checkbox is
checked
22) Try selecting both issues and using the buttons at the bottom to
mark multiple issue notes at once.
23) Confirm the barcode link to the item works as expected.
24) Confirm the cardnumber link to the user works as expected.
25) Confirm all table details show correctly.
Sponsored-by: Catalyst IT
Signed-off-by: Josef Moravec <josef.moravec@gmail.com>
Followed test plan, works as expected
Signed-off-by: Marc Véron <veron@veron.ch>
Signed-off-by: Brendan Gallagher <brendan@bywatersolutions.com>
Signed-off-by: Jonathan Druart <jonathan.druart@bugs.koha-community.org>
Amended patch: Remove self-checkout permissions
Signed-off-by: Nick Clemens <nick@bywatersolutions.com>
